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Top Stories 

• A man suspected of robbing or attempting to rob three banks in three States, and who 
allegedly shot and killed a police officer in Tupelo, Mississippi, was shot and killed by 
police following a robbery in Phoenix December 28. - Reuters (See item 4 ) 

• Eight people were arrested by authorities in Spain for allegedly participating in a $45 
million cybercrime scheme that made fraudulent ATM withdrawals in the U.S., Spain, and 
21 other countries. - Softpedia (See item 5 ) 

• Target confirmed December 27 that the attackers who compromised their systems and stole 
payment card information also obtained encrypted PIN data for debit cards. - Associated 
Press (See item 6) 

• A sewage leak from a wastewater treatment plant in Seymour, Connecticut, spilled about 
150,000 gallons of raw sewage into the Naugatuck River before it was contained December 
27. - WNPR 90.5 FM Meriden (See item 19 ) 




December 2013 



Fast Jump Menu 



PRODUCTION INDUSTRIES 

• Energy 

• Chemical 

• Nuclear Readers. Materials, and Waste 

• Critical Manufacturing 

• Defense Industrial Base 

• Dams 

SUSTENANCE and HEAUTH 

• Food and Agriculture 

• Water and Wastewater Systems 

• Healthcare and Public Health 



SERVICE INDUSTRIES 

• Financial Services 

• Transportation Systems 

• Information Technology 

• Communications 

• Commercial Facilities 
FEDERAL and STATE 

• Government Facilities 

• Emergency Services 



- 1 - 



Energy Sector 



1. December 27, New Orleans Times-Picayune - (Louisiana; Mississippi) Goodrich 
Petroleum reports problems with key Tuscaloosa Marine Shale well. Houston- 
based Goodrich Petroleum Corp. stated December 26 that test results for the 
Tuscaloosa Marine Shale well in Amite County, Mississippi, will be delayed until 2014 
as the company works to unclog the well. The well was near completion and started to 
produce oil and gas when it became clogged with debris during the drill process. 

Source: 

http://www.nola.com/business/index.ssf/2013/12/goodrich petroleum reports pro.html 

[ Return to top ] 

Chemical Industry Sector 

Nothing to report 



[ Return to top ] 

Nuclear Reactors, Materials, and Waste Sector 

2. December 27, SoMdNews.com - (Maryland) Minor fire safety violations found at 
CCNPP. Constellation Energy Nuclear Group identified one low to moderate 
significance fire safety violation at its Calvert Cliffs Nuclear Power Plant in Lusby 
during an inspection between October 21 and November 8. The company undertook 
action to correct the violation and one other minor violation. 

Source: 

http ://w w w. somdne ws .com/article/20 131 227/NEW S/13 1 229462/ 1 05 7/section/somdrss 
&template=southernMaryland 

[ Return to top ] 

Critical Manufacturing Sector 

3. December 30, Car Connection - (National) 2011-2012 Volvo S60 recalled for oil- 
pressure problem. Volvo announced a recall of 30,929 model year 2011 and 2012 S60 
vehicles equipped with five-cylinder engines due to an issue that could prevent the 
driver from being alerted when oil pressure is low. 

Source: http://www.thecarconnection.com/news/1089384 2011-2012-volvo-s60- 
recalled-for-oil-pressure-problem 

[ Return to top ] 



Defense Industrial Base Sector 



Nothing to report 
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Financial Services Sector 

4. December 30, Reuters- (Arizona; Georgia; Mississippi) Slain Phoenix bank robber 
was alleged cop killer who threatened U.S. President. A man suspected of robbing 
or attempting to rob three banks in Atlanta; Tupelo, Mississippi; and Phoenix was shot 
and ki lled by police following the Phoenix robbery December 28. The man allegedly 
shot and killed a police officer during the Tupelo robbery December 23 and had 
previously served time in prison for making threats against the U.S. President. 

Source: http://www.reuters.com/article/2013/12/30/us-usa-police-mississippi- 
idUSBRE9BR07320131230 

5. December 30, Softpedia - (International) 8 people arrested in Spain for role in 
$45M/ €33M cybercriminal scheme. Eight people were arrested by authorities in 
Spain for allegedly compromising the Spain cell of a $45 million cybercrime scheme 
that used compromised credit cards issued in Oman and the United Arab Emirates to 
make fraudulent ATM withdrawals in the U.S., Spain, and 21 other countries. 

Source: http://news.softpedia.com/news/8-People-Arrested-in-Spain-for-Role-in-45M- 
33M-Cybercriminal-Scheme-412696.shtml 

6. December 27, Associated Press - (National) Target: Debit PIN data stolen in Black 
Friday weekend credit breach. Target confirmed December 27 that the attackers who 
compromised their systems and stole payment card information also obtained encrypted 
PIN data for debit cards included in the breach. 

Source: http://www.northiersev.com/news/Target .html 

7. December 27, WBZ 4 Boston - (Massachusetts) Popular Boston restaurant group 
reports credit card data theft. Boston-based restaurant group Briar Group reported 
December 30 that cybercriminals breached its systems sometime in October or 
November and obtained access to payment card data. 

Source: http://boston.cbslocal.com/2013/12/27/popular-boston-restaurant-group- 
reports-credit-card-data-theft/ 

8. December 27, Florida Times-Union - (Florida) Jacksonville insurance salesman 
pleads guilty to Ponzi scheme. A Jacksonville insurance salesman pleaded guilty 
December 27 to running a Ponzi scheme through a shell company called Abaco 
Securities International, which defrauded over 50 investors of almost $5 million over 
15 years. 

Source: http ://members . i acksonville . com/new s/crime/20 13-12-27 /story/j ackson ville- 
insurance-salesman-pleads-guilty-ponzi-scheme 

For another story, see item 29 
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Transportation Systems Sector 



9. December 30, WBRC 6 Birmingham - (Alabama) Overturned 18-wheeler closes 
down 1-59 North in Fairfield. Officials closed the northbound lanes of Interstate 20/59 
in Fairfield for several hours December 29 after semi-truck carrying chocolate milk 
overturned, causing a minor fuel spill. 

Source: http://www.mvfoxal.com/story/24322474/overturned-18-wheeler-closes-down- 
i-59-north-in-fairfield 

10. December 30, Bangor Daily News - (Maine) Falling ice chunks keep Penobscot 
Narrows Bridge closed Monday morning. The Maine Department of Transportation 
closed the Penobscot Narrows Bridge in Verona Island December 29 after falling ice 
from the bridge’s cables damaged several cars. Officials are considering how to remove 
the remaining ice from the bridge, which will remain closed until it is determined safe 
for travel. 

Source: https://bangordailynews.com/2013/12/30/news/hancock/falling-ice-chunks- 
keep-penobscot-narrows-bridge-closed-monday-morning/ 

11. December 30, Anniston Star - (National) Local Amtrak services canceled in 
January, February. Amtrak announced that passenger service on two lines through 
Anniston, Alabama, will be canceled for multiple days in January and February 2014 
due to seasonal track work. Service will halt at 10 stations throughout several States. 
Source: http://annistonstar.com/bookmark/24302429-Local-Arntrak-services-canceled- 
in-January-February 

12. December 28, WJW 8 Cleveland - (Ohio) OSHP: ‘Following too close’ cause of 1-90 
crash. Ohio officials are investigating two accidents that closed a portion of 1-90 in 
Lake County, Ohio, for 6 hours December 27-December 28 involving four semi-trucks 
and other vehicles. 

Source: http://fox8.com/2013/12/28/oshp-following-too-close-cause-of-i-90-crash/ 

13. December 28, West Virginia MetroNews - (West Virginia) Norfolk Southern reopens 
tracks in McDowell. Norfolk Southern repaired approximately 700 feet of railroad 
track December 28 that was damaged after 16 railcars derailed in McDowell County, 
West Virginia, December 27 and suspended rail traffic in both directions. HAZMAT 
crews contained liquid asphalt that spilled into Elkhom Creek after a tanker car 
ruptured. 

Source: http://wvmetronews.com/2013/12/28/train-derailment-in-mcdowell-county/ 

14. December 27, Los Angeles Times - (California) L.A. tour bus company ordered to 
halt service due to safety concerns. The Federal Motor Carrier Administration 
ordered the Los Angeles-based bus company It’s Good Promotion to cease operations 
December 26 due to widespread safety problems that compromise employee and public 
safety. The investigation revealed the company did not properly screen its drivers for 
drug and alcohol use and the company allowed vehicles and unsafe buses on the road 
despite safety defects. 



- 4 - 



Source: http://www.latimes.com/local/la-me-1228-tour-bus-20131 228,0,76076 12. story 



15. December 27, Atlanta Journal-Constitution - (Georgia) MARTA police uncover 
bogus Breeze card scheme. Metropolitan Atlanta Rapid Transit Authority (MARTA) 
police arrested 7 suspects in connection with an ongoing investigation into the illegal 
sale of over 400 counterfeit Breeze Cards December 10. The suspects allegedly 
compromised the Breeze card security features to make and sell the counterfeit cards. 
Source: http://www.aic.com/news/news/local/marta-police-uncover-bogus-breeze-card- 
scheme/ncW3p/ 

For another story, see item 30 



[ Return to top ] 

Food and Agriculture Sector 

16. December 29, KENS 5 San Antonio - (Texas) Hazmat crews respond to S.A. produce 
plant after fumes make workers sick, SAFD says. Over 200 employees from the 
Fresh From Texas produce plant in San Antonio were evacuated and were sent home 
from the plant after chlorine fumes were detected originating from a cleaning solution. 
Source: http://www.kens5.com/news/local/Hazmat-crews-respond-to-SA-produce- 
plant-after-fumes-make-workers-sick-SAFD-says-237895441.html 

17. December 29, Boston Globe - (Massachusetts) Fire destroys slaughterhouse at live- 
generation-old, family-run Blood Farm in Groton. A 4-alarm fire destroyed a two- 
story slaughterhouse facility in Groton, Massachusetts, December 29. The cause of the 
fire that left the facility a total loss is under investigation. 

Source: http://www.boston.com/news/local/massachusetts/2013/12/29/fire-destroys- 

slaughterhouse-five-generation-old-family-run-blood-farm- 

groton/bHVPfnmg9U49fZypa4TE0J/storv.html 

18. December 28, Pittsburgh Post-Gazette - (Maryland; Ohio; Pennsylvania) Giant Eagle 
recalls candy because of possible peanut allergen. Giant Eagle recalled packages of 
Candy Place Chocolate Santas due to an undeclared peanut allergen December 28. The 
affected products were sold in Maryland, Ohio, and Pennsylvania Giant Eagle 
supermarkets. 

Source: http://www.post-gazette.com/local/region/2013/12/28/Giant-Eagle-recalls- 
candy-because-of-possible-peanut-allergen/stories/ 

[ Return to top ] 

Water and Wastewater Systems Sector 

19. December 27, WNPR 90.5 FM Meriden - (Connecticut) Sewage spill along the 
Naugatuck River is contained. A sewage leak from the Veolia Environment North 
America wastewater treatment plant in Seymour, Connecticut, spilled about 150,000 
gallons of raw sewage December 25 into the Naugatuck River before it was contained 
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December 27. 

Source: http://wnpr.org/post/sewage-spill-along-naugatuck-river-contained 
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Healthcare and Public Health Sector 



20. December 30, Associated Press - (South Carolina) Laptop with data of SC insurance 
pool customers stolen. The South Carolina Health Insurance Pool notified 3,432 
members that their personal information, including Social Security numbers, were on a 
password-protected laptop that was stolen from an independent auditor’s car October 
16. 

Source: http://www.wbtw.com/story/24326085/laptop-with-data-of-sc-insurance-pool- 
customers-stolen 



21. December 27, South Jersey Times - (New Jersey) Inspira: No patient information on 
stolen computer. Officials from Inspira Medical Center Vineland in New Jersey 
reported that a December 23 theft of a computer from the hospital’s radiology 
department did not contain patient information. Authorities continue to investigate the 
incident. 

Source: 

http://www.ni.com/cumberland/index.ssf/2013/12/inspira no patient information on 
stolen computer.html 



T Return to top i 



Government Facilities Sector 

22. December 30, Watertown Daily Times - (New York) Higley Flow State Park closed 
due to ice damage. Damage from an ice storm forced the New York Office of Parks, 
Recreation, and Historic Preservation to close Higley Flow State Park and its entire ski 
trails indefinitely while they assess and clean up the damage. 

Source: http ://w w w. watertowndail ytimes .com/article/20 131 230/NEWS09/7 12309916 

23. December 29, Associated Press - (Colorado) Colorado notifies 1,918 of Medicaid 
records breach. Federal authorities are investigating after Colorado Medicaid notified 
1,918 people of a security breach involving a private contractor employee who sent the 
recipient’s information to a personal email account. The employee was terminated and 
the Department of Health Care Policy and Financing said December 27 that the 
information may have been meant for the employee’s personal business use. 

Source: http://denver.cbslocal.com/2013/12/29/colorado-notifies-1918-of-medicaid- 
records-breach/ 

24. December 28, Biloxi Sun Herald - (Mississippi) Three sailors plead guilty in Navy 
travel scheme in Gulfport. Three U.S. Navy workers pleaded guilty to conspiring to 
defraud the U.S. Department of Defense in a travel-voucher scheme from October 2006 
to August 2011 following an investigation by authorities in Gulfport. At least five other 
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Navy workers were previously indicted in the plot to make false claims for illegal 
payments. 

Source: http://www.sunherald.com/2013/12/28/5221157/three-plead-guiltv-in-probe- 
of.html 
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Emergency Services Sector 

25. December 27, WTSP 10 St. Petersburg - (Florida) Two Hernando deputies accused 
of stealing money. A deputy and a sergeant from the Hernando County Sheriffs 
Office in Florida are being investigated for stealing money from the department. The 
deputy is accused of taking about $14,000 during his role as treasurer for the area’s 
Fraternal Order of Police, and the sergeant is accused of using money intended for vice 
operations for personal use. 

Source: http://www.wtsp.com/news/local/article/350344/8/Two-Hernando-deputies- 
accused-of-stealing-money 
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Information Technology Sector 

26. December 30, Softpedia - (International) Vulnerabilities in SD cards can be 
exploited for MTM attacks. Researchers presenting at the Chaos Communication 
Congress reported that they found vulnerabilities in Secure Digital (SD) memory cards 
that could be used to perform man-in-the-middle (MitM) attacks or to gain access to 
integrated microcontrollers. 

Source: http://news.softpedia.com/news/Vulnerabili ties-in-SD-Cards-Can-Be- 
Exploited-for-MITM- Attacks-4 12672. shtml 

27. December 27, Softpedia - (International) FeedBurner.com page set up to serve 
JavaScript trojan. Researchers at Zscaler found that a FeedBumer page is being 
abused in an effort to redirect users to a suspicious Web site using a JavaScript trojan 
that contains an iFrame. 

Source: http://news.softpedia.com/news/FeedBumer-com-Page-Set-Up-to-Serve- 
JavaScript-Troian-412273.shtml 

28. December 27, Dark Reading - (International) Researchers reveal Snapchat security 
issues. Researchers at Gibson Security published details and proof-of-concept code 
highlighting a vulnerability in Snapchat’ s “Find My Friends” feature that could be 
automated to search by phone number and compile a database of Snapchat profiles that 
could be used for various malicious purposes. 

Source: http://www.darkreading.com/vulnerability/researchers-reveal-snapchat- 
security-iss/240 165041 

29. December 27, Softpedia - (International) Cybercriminals abuse Network Time 
Protocol for DDOS attacks. Researchers at Symantec found that distributed denial of 
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service (DDoS) attacks have been launched using Network Time Protocol (NTP) 
reflection, with a peak of 15,000 IP addresses being observed in DDoS attacks 
December 16. 

Source: http://news.softpedia.com/news/Cvbercriminals-Abuse-Network-Tirne- 
Protocol-for-DDOS- Attacks-4 12215 . shtml 



Internet Alert Dashboard 



To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or 
visit their Web site: http://www.us-cert.gov 

Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and 
Analysis Center) Web site: http://www.it-isac.org 
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Communications Sector 

Nothing to report 
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Commercial Facilities Sector 

30. December 29, Palm Beach Post- (Florida) Bomb scare in Riviera Beach forces 
evacuation of marina, leads to arrest. The Riviera Beach Marina in Palm Beach was 
evacuated for several hours December 29 after a man claimed to have a bomb in a 
nearby vehicle. Vessels were prevented from entering the marina for several hours. 
Source: http://www.palmbeachpost.com/news/news/breaking-news/bomb-scare-in- 
riviera-beach-forces-evacuation-of-m/ncXt3/ 

31. December 29, WTOP 103.5 FM Washington, D.C. - (Washington, D.C.) Wheaton 
mall fire attributed to grease build-up. The Westfield Wheaton mall in Washington, 
D.C. was evacuated for around 3 hours December 28 after a kitchen fire broke out at 
the Crisp and Juicy restaurant due to grease build up in ducts over the cooking area. 
Source: http://www.wtop.com/52/3532383/Fire-forces-Marvland-mall-evacuation 

32. December 29, Sentinel Source - (New Hampshire) 9 injured at Rindge store; 
refrigerant likely to blame. The Market Basket grocery store in Rindge was evacuated 
and nine employees taken to a hospital December 29 after air quality problems were 
created by a leaky 30-pound refrigerant cylinder. 

Source: http://www.sentinelsource.com/news/local/hazardous-air-quality-evacuates- 
rindge-store-taken-to-hospital/article e7d7c98c-c517-5d89-8565-259720cl5dde.html 

33. December 29, WEWS 5 Cleveland - (Ohio) Cleveland hotel evacuated because of 
carbon monoxide. Guests at a Wyndham Hotel in Cleveland were evacuated for over 5 
hours December 28 after carbon monoxide leaked from the building’s boilers, sending 

1 8 to the hospital and making 20 others sick. 
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Source: http://www.newsnet5.com/news/local-news/cleveland-metro/cleveland-hotel- 
evacuated-because-of-carbon-monoxide 
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Dams Sector 



Nothing to report 
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About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] 
summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily 
Open Source Infrastructure Report is archived for 10 days on the Department of Homeland Security Web site: 
http://www.dhs.gov/IPDailyReport 

Contact Information 

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS 

Daily Report Team at (703) 942-8590 

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow 
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Contact DHS 

To report physical infrastructure incidents or to request information, please contact the National Infrastructure 
Coordinating Center at nicc@hq.dhs.gov or (202) 282-9201. 

To report cyber infrastructure incidents or to request information, please contact US -CERT at soc@us-cert.gov or visit 
their Web page at www.us-cert.gov . 

Department of Homeland Security Disclaimer 

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform 
personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright 
restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source 
material. 
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